Highest Voted 'file-access' Questions - IT Security Stack Exchange

2

votes

1 answer

Protecting folder contents from processes

Let's consider the following: Linux is the platform I am referencing here There exists a partition on the system that's encrypted with a strong password (via the LUKS mechanism, if it's relevant to you) This partition contains sensitive information…

linux file-access isolation

asked Feb 20 '18 at 20:05

Alex

67
3

2

votes

1 answer

Can a smartphone be accessed only by knowing its IMEI?

I have an old smartphone that I want to use only as a media player/portable radio/voice recorder. It doesn’t have a SIM card and it’s not connected to WiFi. I am curious however can the files on it still be potentially accessed somehow? I know that…

smartphone file-access imei

asked Oct 25 '17 at 15:59

peter_s

23
4

2

votes

1 answer

How to get sticky bit like ACL but for specific Linux user only?

Sticky bit set for a directory is a mean for "Restricted Deletion" — according to manual: For directories, it prevents unprivileged users from removing or renaming a file in the directory unless they own the file or the directory; this is called…

file-access

asked Sep 07 '17 at 06:40

poige

130
5

2

votes

4 answers

Security and conventions. DB or File?

Let me start off by stating I know the benefits of a database but that is not the question. I want to know if the security makes sense with an added benefit of speed. By using PHP 7.0, Test 1: I have a database setup with a table called user, with…

passwords php password-management databases file-access

asked Feb 22 '17 at 20:27

Dylan Harty

23
3

2

votes

1 answer

A file that doesn't allow copy/paste or print

We know that Adobe pdf's convenient control features for discouraging copy/paste and print are not real security measures. We are searching for a way to create a file that has default security set for preventing copy/paste/print. We don't care who…

file-access drm

asked Feb 10 '17 at 16:46

carleen

21
2

2

votes

1 answer

Security in unofficial telegram apps(that use Telegram API)

I was wondering that can developers of an unofficial Telegram apps gain access to media and files that users send over the app? (Unofficial Telegrams use the Telegram API and connect to Telegram servers).

api file-access telegram

asked Sep 20 '16 at 18:17

Tee Pee

21
1

2

votes

2 answers

Ensuring File is Write-Only For Specific Program

So in this scenario there are several programs that exist that can open and read a binary file, but my program must be the final arbitrator in creating and writing to these files. In this program I am writing, I would like to detect if the file has…

cryptography hash c file-access

asked Aug 17 '16 at 11:14

A Mac

23
2

2

votes

3 answers

How to eliminate data leaks when accessing encrypted data?

Goal: Encrypt/secure and access sensitive files (PDFs, etc.) locally. Method 1: Store files in a VeraCrypt file-hosted volume (container). Concern: Data Leaks. When mounting and reading files from a VeraCrypt container, there is a possibility…

file-encryption data-leakage file-access keepass veracrypt

asked Aug 03 '16 at 06:42

WHY

123
4

2

votes

2 answers

Is there such a thing as application-specific encryption?

I am looking for a way to encrypt certain files (.jpg, .pdf, standard file extensions) such that they can only be opened by a certain application (assuming this application will have the relevant file viewer included with it). It would seem that…

encryption appsec file-encryption file-access

asked Jul 14 '16 at 20:10

socrates

135
4

2

votes

1 answer

Can email services upload files from your computer without your permission/knowledge?

The company I work for is involved in security clearance work, and thus all company computers are monitored (files, screenshots, etc). I am routinely logged onto my company email service with my personal laptop. I have some questions regarding…

email file-upload file-access account-security

asked Jun 16 '16 at 22:14

Vegan

21
1

2

votes

1 answer

Security implications of the contents of /proc/self/environ in LFI attacks

During penetration testing on a website, the tests have found a local file inclusion vulnerability in an old wordpress plugin that was installed. An attacker can exploit the LFI vulnerability to include /etc/passwd and also the index page, however…

attacks file-access file-inclusion

asked Dec 05 '15 at 19:14

Jason Rigley

49
2
3

1

vote

1 answer

Do file hosting services check user data manually by human?

I wonder if file hosting services like Dropbox, MediaFire, OneDrive, Google Drive, etc. manually check user data for piracy or copyright infringement. Although their terms of service always say that they respect user privacy, I heard that many user…

privacy file-access

asked Jul 11 '15 at 06:40

TrinhIT

29
3

1

vote

0 answers

Potential security issues in a two-part upload process

I use a pre-signed URL approach for uploading files to a private S3 bucket. A CloudFront distribution is configured to use this bucket as the source. The upload process is only available to authenticate users and is done in two steps: Client…

web-application file-upload permissions file-access amazon

asked Jul 06 '15 at 22:24

MLister

171
1
4

1

vote

2 answers

What are hardened ACLs for the Windows %systemroot% folder?

What are the recommended file permissions for %systemroot% in Windows 8.1? I couldn't find hardened file system permissions to apply to better secure a Windows installation.

hardening file-system file-access windows-8 ntfs

asked Jun 10 '15 at 09:21

Parth Maniar

349
1
10

1

vote

1 answer

Solutions to decrypt data on access

I want to store sensitive data on on my (public) linux server. Also, I want to be able to access the data from different locations and different OS without much hassle. I thought about using a (simple) web-form, maybe also a samba-share which is…

server file-access decryption

asked May 04 '15 at 11:49

check0104

13
2

Questions tagged [file-access]